Software based techniques for limiting the number of users who may access a program running on a host computer are well-known in the art. For example Burrows et al. in "A Logic of Authentication," ACM Transactions on Computer Systems, Vol. 8, No. 1, Pages 18-36 (February 1990), review the theoretical bases of many of the protocols that have been developed for providing security in distributed systems.
In a more practical example, Enescu et al., in U.S. Pat. No. 4,941,175, issued Jul. 10, 1990, disclose a method for controlling the number of users given access to software running on a host-based system by use of an encrypted authorization list and an access control program.
A problem with this method is that the user can bypass the authorization checks by simply updating one of the records in the access control list to contain the user identification of a newly requesting user. The method provides no protection against changing the contents of the access control list, nor does it specify that the list cannot be changed.
Other types of access control programs that utilize hardware devices, like magnetic cards, with time data coded on the magnetic card are also known. For example, Abraham et al., in U.S. Pat. No. 5,048,085, issued Sep. 10, 1991, disclose a security system for network access that utilizes a card having an embedded integrated circuit.
In another approach to network security, Johnson et al., in U.S. Pat. No. 5,023,907, issued Jun. 11, 1991, disclose a network license server that limits the number of users that can use the network at a given time.
None of these techniques provide a software based method for limiting the number of users of a network resource to a group persons listed in a file, while allowing the file to be updated according to conditions specified by a software based timing policy.